Free Republic

Two Arrested in U.S. Computer Worm Probe [ZOTOB]
Yahoo | 8/26/05

Posted on 08/26/2005 1:41:45 PM PDT by ZGuy

Authorities in Morocco and Turkey have arrested two people believed responsible for a computer worm that infected networks at U.S. companies and government agencies earlier this month.

Farid Essebar, 18, was arrested in Morocco, while Atilla Ekici, 21, was arrested in Turkey on Thursday, Louis M. Riegel, the FBI's assistant director for cyber crimes, said Friday. They will be prosecuted in those countries, Riegel said.

Essebar wrote the code that attacked computers that run Microsoft Corp. operating systems and Ekici paid him for it, Riegel said. It's unclear they ever met, "but they certainly knew each other via the Internet," he said.

Riegel said he does not know how much money changed hands. Microsoft and FBI officials also declined to estimate the monetary damage done by the Zotob worm and its variations.

The pair also is believed responsible for an earlier worm, Mytob, that first showed up in February, Riegel said.

The Zotob worm and its variations targeted computers that run Microsoft Corp. operating systems, with Windows 2000 users most seriously affected.

The worm disrupted computer operations in mid-August at several large news organizations, including The Associated Press, ABC, CNN, and The New York Times; such companies as heavy-equipment maker Caterpillar Inc.; and the federal Immigration and Customs Enforcement bureau.

Microsoft played a large role in locating the suspects, said Riegel and Microsoft general counsel Brad Smith.

The worm emerged just a week after the software giant had warned of a security flaw and released a "critical" patch for it, which is most severe on Windows 2000 systems. Those computers can be accessed remotely through the operating system's "Plug and Play" hardware detection feature.

Protective patches, plus instructions for cleansing infected systems, are available on the company's Web site.

Zotob and its variations can attack a computer without needing to open any software, so some users would be infected without knowing it.

Experts said the damage probably wouldn't be substantial because most companies made the necessary software fixes quickly.

Windows 2000 also is more than five years old, and Microsoft has released several new versions of its operating system and security overhauls since then, further limiting the exposure.


TOPICS: Business/Economy; Crime/Corruption
KEYWORDS: internet; worm; zotob

1 posted on 08/26/2005 1:41:45 PM PDT by ZGuy

To: ZGuy

In before the Zotob?


2 posted on 08/26/2005 1:42:21 PM PDT by Lazamataz (Islam is merely Nazism without the snappy fashion sense.)

To: ZGuy

...so what are they gonna do to them?..take away their keyboards?


Doogle


3 posted on 08/26/2005 1:45:25 PM PDT by Doogle (8th AF...4077thTFW....408MMS....Ubon Thailand "69"..Night Line Delivery ..AMMO)

To: ZGuy

I'd like to meet each, and kick them both so hard in the stones that you'd swear they had 3 Adams Apples.


4 posted on 08/26/2005 1:45:58 PM PDT by theDentist (The Dems have put all their eggs in one basket-case: Howard "Belltower" Dean.)

To: ZGuy

Related story:

Law enforcement officials have arrested two men suspected of unleashing a pair of computer worms, including last week's Zotob, which hit servers at American Express, The New York Times and elsewhere.

Farid Essebar, age 18, a Moroccan national born in Russia, was arrested in Morocco, and 21-year-old Atilla Ekici, a Turkish resident, was arrested in Turkey, Paul Bresson, a spokesman for the FBI, said Friday. Both suspects were detained Thursday and will be prosecuted in the countries in which they were arrested, Bresson said.

Bresson said that Essebar, who went by the nickname "Diabl0," and Ekici, known as "Coder," are suspected of creating both the Mytob and Zotob worms.

The Zotob worm attacked computers running Microsoft's Windows 2000 operating system, and the worm and its offshoots last week hit PCs and servers worldwide, including machines at ABC, CNN and Daimler Chrysler.

Zotob included some of the code used in Mytob, an e-mail worm that first started spreading in March. To date, more than 100 variants of Mytob have been spotted. The worm is distributed via mass e-mail campaigns and features so-called backdoor capabilities, allowing attackers to remotely control infected computers.

Both Mytob and Zotob attacked computers running Windows. Zotob and its variants exploited a security hole in the plug-and-play feature in the OS, for which Microsoft provided a fix earlier this month.

The FBI initiated the investigation into Mytob and Zotob, cooperating with Microsoft and others to trace the origins of the worms, Bresson said. Law enforcement agencies in Morocco and Turkey were instrumental in the investigation, he said.


5 posted on 08/26/2005 1:51:04 PM PDT by Knitting A Conundrum (Act Justly, Love Mercy, and Walk Humbly With God Micah 6:8)

To: ZGuy

These people who do destructive things to other people's computers should be made to say why they do such things. And then they should be beaten and sentenced to death!


6 posted on 08/26/2005 2:40:45 PM PDT by Continental Soldier

To: ZGuy

Call me paranoid if you wish, but considering the name, nationalities and targets involved here, I wonder if this was more than a simple computer worm attack.


7 posted on 08/27/2005 7:56:00 AM PDT by I_saw_the_light
